Restricting Administrator Access for Security Purposes

Right now, there’s a lot of talkabout configuring workstations sothat users don’t have administratoraccess. How much safer doesrestricting administrator access reallymake you?

You’re right, a lot of attention is being given to restricting administrator authority on workstations and a lot of hype surrounds Windows Vista’s improved handling of administrator authority. Restricting administrator access on PCs helps prevent users from installing unauthorized or unlicensed software and helps reduce the impact of malware inadvertently executed by the user. It obviously doesn’t do anything to protect the resources that users have access to on their local computer or elsewhere on the network. Malware that executes under the authority of the user can access any information or resources to which the user has permissions whether or not the user is an administrator of his or her local computer.

Are you safer when users don’t runas an administrator? Yes. How muchsafer? Not as much as you mightthink. Restricting administrator access is only one piece of the puzzle.You also must implement malwaredefenses such as antivirus tools,patching, and training.